package com.company.ems.filter;

import com.company.ems.model.User;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebFilter("/*")
public class AuthFilter implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        String contextPath = request.getContextPath();
        String uri = request.getRequestURI();
        String path = uri.substring(contextPath.length());

        // ✅ 放行登录页、静态资源和 EmployeeServlet 相关路径
        if (path.equals("/login") ||
                path.startsWith("/login") ||
                path.endsWith(".css") ||
                path.endsWith(".js") ||
                path.endsWith(".png") ||
                path.endsWith(".jpg") ||
                path.endsWith(".jpeg") ||
                path.endsWith(".gif") ||
                path.endsWith(".ico") ||
                path.startsWith("/css/") ||
                path.startsWith("/js/") ||
                path.startsWith("/images/") ||
                path.startsWith("/static/") ||
                path.startsWith("/assets/") ){

            chain.doFilter(req, res);
            return;
        }

        // ✅ 检查用户是否登录
        HttpSession session = request.getSession(false);
        User user = (User) (session != null ? session.getAttribute("user") : null);

        if (user == null) {
            response.sendRedirect(contextPath + "/login");
            return;
        }

        // ✅ 已登录，放行
        chain.doFilter(req, res);
    }
}



//package com.company.ems.filter;
//
//import com.company.ems.model.User;
//import javax.servlet.*;
//import javax.servlet.annotation.WebFilter;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import javax.servlet.http.HttpSession;
//import java.io.IOException;
//
//@WebFilter("/*")
//public class AuthFilter implements Filter {
//
//    @Override
//    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
//            throws IOException, ServletException {
//
//        HttpServletRequest request = (HttpServletRequest) req;
//        HttpServletResponse response = (HttpServletResponse) res;
//
//        String contextPath = request.getContextPath(); // 如：/webapp4_war_exploded
//        String uri = request.getRequestURI();         // 完整路径
//        String path = uri.toLowerCase();              // 转小写比较（可选）
//
//        // ✅ 1. 放行登录页和静态资源
//        if ("/login".equals(request.getServletPath()) ||
//                uri.endsWith("/login") ||
//                uri.endsWith("/login.jsp") ||
//                uri.endsWith(".css") ||
//                uri.endsWith(".js") ||
//                uri.endsWith(".png") ||
//                uri.endsWith(".jpg") ||
//                uri.endsWith(".jpeg") ||
//                uri.endsWith(".gif") ||
//                uri.endsWith(".ico") ||
//                uri.endsWith(".svg") ||
//                uri.endsWith(".woff") ||
//                uri.endsWith(".ttf") ||
//                uri.startsWith(contextPath + "/css/") ||
//                uri.startsWith(contextPath + "/js/") ||
//                uri.startsWith(contextPath + "/images/") ||
//                uri.startsWith(contextPath + "/static/") ||
//                uri.startsWith(contextPath + "/assets/")) {
//
//            chain.doFilter(req, res);
//            return;
//        }
//
//        // ✅ 2. 检查用户是否登录
//        HttpSession session = request.getSession(false);
//        User user = (User) (session != null ? session.getAttribute("user") : null);
//
//        if (user == null) {
//            // 🔁 使用绝对路径重定向
//            response.sendRedirect(contextPath + "/login");
//            return;
//        }
//
//        // ✅ 3. 已登录，放行
//        chain.doFilter(req, res);
//    }
//}
//}